Select Qwen local as CTO provider policy
This commit is contained in:
Svrnty
parent
ebcb2c96f1
commit
d9edf8a715
@ -35,7 +35,7 @@ Acceptance:
|
||||
|
||||
Status: blocked.
|
||||
|
||||
Build or supply one Case-compatible local provider adapter path only after the decision record selects `local_provider_required`.
|
||||
Build or supply one Case-compatible local provider adapter path after the decision record selects `local_provider_required`.
|
||||
|
||||
Acceptance:
|
||||
|
||||
@ -54,3 +54,9 @@ Blocked by:
|
||||
|
||||
- `CTO-WORK-020` decision record selecting `local_provider_required`.
|
||||
- A Case-compatible local provider adapter implementation or supplied local provider endpoint.
|
||||
|
||||
Current unblock:
|
||||
|
||||
- Decision record now selects `local_provider_required`.
|
||||
- Harness route blocks before `case_process_started` unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is supplied.
|
||||
- Remaining blocker is supplied local provider endpoint/config plus real Stage 2 pass evidence.
|
||||
|
||||
@ -15,7 +15,7 @@ Local planning SOT only. Not a Core Protocol. Not active Core authority.
|
||||
|
||||
## Problem Statement
|
||||
|
||||
`CTO-WORK-020` remains blocked until a provider policy decision exists. If the decision is `local_provider_required`, Cortex CTO needs a narrow route for a Case-compatible local model provider before real Case Stage 2 can run without external provider approval.
|
||||
`CTO-WORK-020` remains blocked until the selected local Qwen provider path produces real Case Stage 2 pass evidence. The decision is now `local_provider_required`, so Cortex CTO needs the narrow Case-compatible local model provider route to remain explicit and fail-closed.
|
||||
|
||||
## Solution
|
||||
|
||||
@ -74,4 +74,4 @@ Define a child-local Case-compatible local provider adapter route. This route do
|
||||
|
||||
## Success Definition
|
||||
|
||||
If JP chooses `local_provider_required`, the next implementation route is explicit: build or supply one Case-compatible local provider adapter path, then use `CTO-WORK-020` to admit the exact provider/model pair before any real Case Stage 2 retry.
|
||||
JP chose `local_provider_required`. The next implementation route is explicit: supply the local provider config for `qwen-local` / `qwen3.6-35b-a3b`, then use `CTO-WORK-020` and the Harness Evidence Interface before any real Case Stage 2 claim.
|
||||
|
||||
@ -106,7 +106,7 @@ Acceptance:
|
||||
- Admission JSON has `admission_timestamp`.
|
||||
- Admission JSON has `review_trigger`.
|
||||
- Admission JSON contains no secret keys or secret values.
|
||||
- Fallback to `vllm` / `qwen3.6-35b-a3b` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.
|
||||
- Fallback to `openai-codex` / `gpt-5.5` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.
|
||||
- `CTO-WORK-020` remains blocked until real Case Stage 2 produces a Harness Evidence Interface pass report using this admission file.
|
||||
- Real Case Stage 2 command must set `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` to this admission JSON path.
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ Register the compact decision packet for resolving the `CTO-WORK-020` provider p
|
||||
|
||||
Acceptance:
|
||||
|
||||
- States `not_decided` is current safe state.
|
||||
- States `local_provider_required` is current selected state.
|
||||
- Lists only `external_provider_approved` and `local_provider_required` as active branches.
|
||||
- Says it does not approve or admit any provider/model.
|
||||
- Says it is not Stage 2 pass evidence.
|
||||
@ -31,7 +31,7 @@ Acceptance:
|
||||
- Keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as execution admission gate.
|
||||
- Requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.
|
||||
- Requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.
|
||||
- States `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`.
|
||||
- States `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
|
||||
- States real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
|
||||
- States no Target Repository path may be inspected or copied.
|
||||
|
||||
@ -51,12 +51,12 @@ Acceptance:
|
||||
- If `local_provider_required`, the record sets provider class `local_case_compatible` and keeps exact provider/model empty until a local provider/model is supplied and admitted.
|
||||
- No secret value is written to SOT, task file, argv, report, trace, backend logs, generated config, or commit.
|
||||
- `CTO-WORK-020` remains blocked until admitted provider/model and real Stage 2 pass report exist.
|
||||
- `CTO-WORK-022` remains blocked unless `decision_status=local_provider_required`.
|
||||
- `CTO-WORK-022` remains blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
|
||||
- Real Case Stage 2 remains blocked unless `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
|
||||
|
||||
Resolved by:
|
||||
|
||||
- `CTO-CASE-PROVIDER-DECISION-RECORD.md` selecting `external_provider_approved`.
|
||||
- `CTO-CASE-PROVIDER-DECISION-RECORD.md` selecting `local_provider_required`.
|
||||
- Real Case Stage 2 remains blocked by `CTO-WORK-020` admission JSON and Harness Evidence Interface proof.
|
||||
|
||||
## CTO-WORK-025 - Initial Not-Decided Provider Decision Record
|
||||
@ -83,25 +83,25 @@ Acceptance:
|
||||
- Record keeps `CTO-WORK-022` blocked unless `decision_status=local_provider_required`.
|
||||
- Record keeps real Case Stage 2 blocked until admitted provider/model and Harness Evidence Interface pass report exist.
|
||||
|
||||
## CTO-WORK-026 - OpenAI Codex Primary Provider Decision
|
||||
## CTO-WORK-026 - Qwen Local Primary Provider Decision
|
||||
|
||||
Status: validated.
|
||||
|
||||
Record JP approval of the external provider decision branch for the current Hermes model stack.
|
||||
Record JP approval of the local Qwen primary provider decision branch for the current Hermes model stack.
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Decision record has `decision_status`: `external_provider_approved`.
|
||||
- Decision record has `provider_class`: `external_openai_codex`.
|
||||
- Decision record has `provider`: `openai-codex`.
|
||||
- Decision record has `model`: `gpt-5.5`.
|
||||
- Decision record has `fallback_provider`: `vllm`.
|
||||
- Decision record has `fallback_model`: `qwen3.6-35b-a3b`.
|
||||
- Decision record has `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.
|
||||
- Decision record has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.
|
||||
- Decision record has `decision_status`: `local_provider_required`.
|
||||
- Decision record has `provider_class`: `local_case_compatible`.
|
||||
- Decision record has `provider`: `qwen-local`.
|
||||
- Decision record has `model`: `qwen3.6-35b-a3b`.
|
||||
- Decision record has `fallback_provider`: `openai-codex`.
|
||||
- Decision record has `fallback_model`: `gpt-5.5`.
|
||||
- Decision record has `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.
|
||||
- Decision record has `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.
|
||||
- Decision record references Hermes model policy and local Hermes config as evidence sources without copying secrets.
|
||||
- Record says it is not provider/model admission and is not Stage 2 pass evidence.
|
||||
- Record says `CTO-WORK-024` is resolved by selecting `external_provider_approved`.
|
||||
- Record says `CTO-WORK-024` is resolved by selecting `local_provider_required`.
|
||||
- Record keeps `CTO-WORK-020` blocked until admission JSON and real Stage 2 pass evidence exist.
|
||||
- Record keeps `CTO-WORK-022` blocked because `decision_status=external_provider_approved`, not `local_provider_required`.
|
||||
- Record requires fallback to `vllm` with `qwen3.6-35b-a3b` to be explicit in admission evidence before it may count as a Case provider/model path.
|
||||
- Record keeps `CTO-WORK-022` blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
|
||||
- Record requires fallback to `openai-codex` with `gpt-5.5` to be explicit in admission evidence before it may count as a Case provider/model path.
|
||||
|
||||
@ -25,14 +25,14 @@ Create a child-local decision packet that makes the `CTO-WORK-020` choice explic
|
||||
|
||||
- Summarize the current `CTO-WORK-020` blocker.
|
||||
- Present only two active decision branches: `external_provider_approved` and `local_provider_required`.
|
||||
- Preserve `not_decided` as the current safe state.
|
||||
- Preserve `local_provider_required` as the current selected state.
|
||||
- Require a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`.
|
||||
- Require exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before any admission.
|
||||
- Reference existing evidence paths and commits; do not copy runtime evidence into the packet.
|
||||
- Require no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
|
||||
- Keep `CTO-WORK-020` as the admission authority.
|
||||
- Keep the `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` admission JSON gate as execution authority.
|
||||
- Keep `CTO-WORK-022` blocked unless `decision_status=local_provider_required`.
|
||||
- Keep `CTO-WORK-022` blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.
|
||||
- Keep real Case Stage 2 blocked unless a provider/model is admitted and a pass report exists through the Harness Evidence Interface.
|
||||
- State that no Target Repository path may be inspected or copied.
|
||||
|
||||
@ -82,8 +82,8 @@ Required decision fields:
|
||||
|
||||
- `decision_status`: `local_provider_required`.
|
||||
- `provider_class`: `local_case_compatible`.
|
||||
- `provider`: empty until a local provider is supplied and admitted.
|
||||
- `model`: empty until a local model is supplied and admitted.
|
||||
- `provider`: exact local provider string.
|
||||
- `model`: exact local model string.
|
||||
- `approval_source`: JP approval reference or governed Core route reference.
|
||||
- `credential_source_class`: local credential or no-secret class only.
|
||||
- `allowed_network_class`: local-only or explicitly bounded network class.
|
||||
@ -94,13 +94,15 @@ Required decision fields:
|
||||
Consequences:
|
||||
|
||||
- `CTO-WORK-022` becomes the next implementation candidate.
|
||||
- `qwen-local` with model `qwen3.6-35b-a3b` may be recorded as the primary approved local provider only when the approval source, credential source class, allowed network class, review trigger, and admission JSON are recorded.
|
||||
- `openai-codex` with model `gpt-5.5` may be recorded as fallback only when fallback use is represented in admission evidence and does not hide provider/model switching.
|
||||
- No external fallback to `anthropic` or `claude-sonnet-4-6` is allowed.
|
||||
- Missing local adapter config blocks before `case_process_started`.
|
||||
- Admission JSON mismatch blocks before `case_process_started`.
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
- Packet states `not_decided` is current safe state.
|
||||
- Packet states `local_provider_required` is current selected state.
|
||||
- Packet lists only `external_provider_approved` and `local_provider_required` as active branches.
|
||||
- Packet says it does not approve or admit any provider/model.
|
||||
- Packet says it is not Stage 2 pass evidence.
|
||||
@ -111,7 +113,7 @@ Consequences:
|
||||
- Packet requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.
|
||||
- Packet permits provider class `external_openai_codex` only as a decision branch, not as admission or Stage 2 proof.
|
||||
- Packet requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.
|
||||
- Packet states `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`.
|
||||
- Packet states `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
|
||||
- Packet states real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
|
||||
- Packet states no Target Repository path may be inspected or copied.
|
||||
|
||||
@ -130,4 +132,4 @@ Consequences:
|
||||
|
||||
## Success Definition
|
||||
|
||||
The `CTO-WORK-020` human-only blocker is represented as one precise decision packet: no provider/model is approved, no execution is authorized, and the next valid implementation path is unambiguous once JP chooses external provider approval or local provider requirement.
|
||||
The `CTO-WORK-020` human-only blocker is represented as one precise decision packet: local Qwen is the selected provider policy, no execution is authorized without admission plus Harness Evidence Interface proof, and fallback use remains explicit.
|
||||
|
||||
@ -15,26 +15,26 @@ Local planning SOT only. Not a Core Protocol. Not active Core authority.
|
||||
|
||||
## Current Decision State
|
||||
|
||||
- `decision_status`: `external_provider_approved`.
|
||||
- `provider_class`: `external_openai_codex`.
|
||||
- `provider`: `openai-codex`.
|
||||
- `model`: `gpt-5.5`.
|
||||
- `fallback_provider`: `vllm`.
|
||||
- `fallback_model`: `qwen3.6-35b-a3b`.
|
||||
- `decision_status`: `local_provider_required`.
|
||||
- `provider_class`: `local_case_compatible`.
|
||||
- `provider`: `qwen-local`.
|
||||
- `model`: `qwen3.6-35b-a3b`.
|
||||
- `fallback_provider`: `openai-codex`.
|
||||
- `fallback_model`: `gpt-5.5`.
|
||||
- `approval_source`: JP chat approval on 2026-05-31.
|
||||
- `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.
|
||||
- `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.
|
||||
- `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.
|
||||
- `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.
|
||||
- `review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change.
|
||||
- `evidence_sources`: `CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md`, `/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py`, `/home/svrnty/.hermes/config.yaml`.
|
||||
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
|
||||
|
||||
## Meaning
|
||||
|
||||
`external_provider_approved` means JP approved the provider decision branch for the existing Hermes model stack: `openai-codex` with model `gpt-5.5` as primary, and `vllm` with model `qwen3.6-35b-a3b` as fallback.
|
||||
`local_provider_required` means JP approved the provider decision branch for the existing Hermes model stack: `qwen-local` with model `qwen3.6-35b-a3b` as primary, and `openai-codex` with model `gpt-5.5` as fallback.
|
||||
|
||||
This record is not provider/model admission and is not Stage 2 pass evidence. It does not authorize Case to run until the `CTO-WORK-020` admission JSON exists and the Harness Evidence Interface proves real Stage 2.
|
||||
|
||||
`CTO-WORK-024` is resolved by this record selecting `external_provider_approved`.
|
||||
`CTO-WORK-024` is resolved by this record selecting `local_provider_required`.
|
||||
|
||||
## Decision History
|
||||
|
||||
@ -45,7 +45,7 @@ Previous state:
|
||||
|
||||
Future changes:
|
||||
|
||||
- Only JP or a governed Core route may change this record away from `external_provider_approved`.
|
||||
- Only JP or a governed Core route may change this record away from `local_provider_required`.
|
||||
- Allowed future values remain `external_provider_approved` or `local_provider_required`.
|
||||
|
||||
Any future state must include exact non-secret fields required by `CTO-WORK-020`: provider/model when applicable, approval source, credential source class, allowed network class, review trigger, and evidence expectations.
|
||||
@ -56,9 +56,9 @@ Any future state must include exact non-secret fields required by `CTO-WORK-020`
|
||||
- No Target Repository path may be inspected or copied.
|
||||
- `CTO-WORK-020` remains provider/model admission authority.
|
||||
- `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains execution admission gate.
|
||||
- `CTO-WORK-022` remains blocked because `decision_status=external_provider_approved`, not `local_provider_required`.
|
||||
- `CTO-WORK-022` remains blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.
|
||||
- Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
|
||||
- Fallback to `vllm` with `qwen3.6-35b-a3b` must be explicit in admission evidence before it may count as a Case provider/model path.
|
||||
- Fallback to `openai-codex` with `gpt-5.5` must be explicit in admission evidence before it may count as a Case provider/model path.
|
||||
- Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record.
|
||||
|
||||
## Runtime Compatibility Finding - 2026-06-01
|
||||
@ -70,3 +70,11 @@ Any future state must include exact non-secret fields required by `CTO-WORK-020`
|
||||
- The non-secret admission JSON for that local Case path is `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`.
|
||||
- This finding does not change Hermes primary model policy.
|
||||
- This finding does not mark `CTO-WORK-020`, `CTO-WORK-016`, or Stage 2 as validated.
|
||||
|
||||
## Provider Policy Update - 2026-06-01
|
||||
|
||||
- JP selected `qwen-local` / `qwen3.6-35b-a3b` on Spark as the default Case provider path.
|
||||
- JP kept `openai-codex` / `gpt-5.5` as fallback only.
|
||||
- The fallback remains blocked by the known OpenAI Codex auth bridge gap unless a non-vendor bridge is proven.
|
||||
- The local Qwen path remains blocked before Case process start unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is explicitly supplied.
|
||||
- This update changes provider policy only. It does not mark real Case Stage 2 as passed.
|
||||
|
||||
@ -126,7 +126,7 @@ items:
|
||||
source: .sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md
|
||||
owner: ""
|
||||
- id: CTO-WORK-026
|
||||
title: OpenAI Codex Primary Provider Decision
|
||||
title: Qwen Local Primary Provider Decision
|
||||
status: validated
|
||||
source: .sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md
|
||||
owner: ""
|
||||
|
||||
@ -468,7 +468,7 @@ REQUIRED_MODEL_PROVIDER_ADMISSION_ISSUE_PHRASES = [
|
||||
"Admission JSON has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.",
|
||||
"Admission JSON has `approval_source`: `JP chat approval on 2026-05-31`.",
|
||||
"Admission JSON contains no secret keys or secret values.",
|
||||
"Fallback to `vllm` / `qwen3.6-35b-a3b` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.",
|
||||
"Fallback to `openai-codex` / `gpt-5.5` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.",
|
||||
"`CTO-WORK-020` remains blocked until real Case Stage 2 produces a Harness Evidence Interface pass report using this admission file.",
|
||||
"Real Case Stage 2 command must set `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` to this admission JSON path.",
|
||||
]
|
||||
@ -493,7 +493,7 @@ REQUIRED_QWEN_LOCAL_ADMISSION_JSON = {
|
||||
|
||||
REQUIRED_LOCAL_PROVIDER_ROUTE_PRD_PHRASES = [
|
||||
"Local planning SOT only. Not a Core Protocol. Not active Core authority.",
|
||||
"`CTO-WORK-020` remains blocked until a provider policy decision exists.",
|
||||
"`CTO-WORK-020` remains blocked until the selected local Qwen provider path produces real Case Stage 2 pass evidence.",
|
||||
"`decision_status=local_provider_required`",
|
||||
"local_case_compatible",
|
||||
"CTO-WORK-020` admission JSON gate as authority",
|
||||
@ -548,7 +548,7 @@ REQUIRED_PROVIDER_DECISION_PACKET_PRD_PHRASES = [
|
||||
"`CTO-WORK-020` is blocked by a provider policy decision.",
|
||||
"`external_provider_approved`",
|
||||
"`local_provider_required`",
|
||||
"`not_decided` as the current safe state",
|
||||
"`local_provider_required` as the current selected state",
|
||||
"does not approve a provider/model",
|
||||
"does not approve or admit any provider/model",
|
||||
"is not Stage 2 pass evidence",
|
||||
@ -558,7 +558,7 @@ REQUIRED_PROVIDER_DECISION_PACKET_PRD_PHRASES = [
|
||||
"CTO_HARNESS_CASE_MODEL_ADMISSION_FILE",
|
||||
"exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations",
|
||||
"no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit",
|
||||
"`CTO-WORK-022` blocked unless `decision_status=local_provider_required`",
|
||||
"`CTO-WORK-022` blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists",
|
||||
"real Case Stage 2 blocked unless a provider/model is admitted and a pass report exists through the Harness Evidence Interface",
|
||||
"no Target Repository path may be inspected or copied",
|
||||
"`provider_class`: `external_anthropic`",
|
||||
@ -581,7 +581,7 @@ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_IDS = [
|
||||
|
||||
REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_PHRASES = [
|
||||
"Status: validated.",
|
||||
"`not_decided` is current safe state",
|
||||
"`local_provider_required` is current selected state",
|
||||
"`external_provider_approved`",
|
||||
"`local_provider_required`",
|
||||
"does not approve or admit any provider/model",
|
||||
@ -592,14 +592,14 @@ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_PHRASES = [
|
||||
"Keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as execution admission gate.",
|
||||
"Requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.",
|
||||
"Requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.",
|
||||
"States `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`.",
|
||||
"States `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.",
|
||||
"States real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.",
|
||||
"States no Target Repository path may be inspected or copied.",
|
||||
"Decision record selects exactly one branch: `external_provider_approved` or `local_provider_required`.",
|
||||
"Decision record is structured and uses only `not_decided`, `external_provider_approved`, or `local_provider_required`.",
|
||||
"Decision record references existing evidence paths and commits instead of copying runtime evidence.",
|
||||
"`CTO-WORK-020` remains blocked until admitted provider/model and real Stage 2 pass report exist.",
|
||||
"`CTO-WORK-022` remains blocked unless `decision_status=local_provider_required`.",
|
||||
"`CTO-WORK-022` remains blocked until explicit local provider config and real Case Stage 2 pass evidence exist.",
|
||||
"Real Case Stage 2 remains blocked unless `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.",
|
||||
"Decision record has `decision_status`: `not_decided`.",
|
||||
"Provider class, provider, model, approval source, credential source class, allowed network class, and review trigger remain empty while blocked.",
|
||||
@ -614,52 +614,52 @@ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_PHRASES = [
|
||||
"Record keeps `CTO-WORK-022` blocked unless `decision_status=local_provider_required`.",
|
||||
"Record keeps real Case Stage 2 blocked until admitted provider/model and Harness Evidence Interface pass report exist.",
|
||||
"Status: validated.",
|
||||
"Record JP approval of the external provider decision branch for the current Hermes model stack.",
|
||||
"Decision record has `decision_status`: `external_provider_approved`.",
|
||||
"Decision record has `provider_class`: `external_openai_codex`.",
|
||||
"Decision record has `provider`: `openai-codex`.",
|
||||
"Decision record has `model`: `gpt-5.5`.",
|
||||
"Decision record has `fallback_provider`: `vllm`.",
|
||||
"Decision record has `fallback_model`: `qwen3.6-35b-a3b`.",
|
||||
"Decision record has `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.",
|
||||
"Decision record has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.",
|
||||
"Record JP approval of the local Qwen primary provider decision branch for the current Hermes model stack.",
|
||||
"Decision record has `decision_status`: `local_provider_required`.",
|
||||
"Decision record has `provider_class`: `local_case_compatible`.",
|
||||
"Decision record has `provider`: `qwen-local`.",
|
||||
"Decision record has `model`: `qwen3.6-35b-a3b`.",
|
||||
"Decision record has `fallback_provider`: `openai-codex`.",
|
||||
"Decision record has `fallback_model`: `gpt-5.5`.",
|
||||
"Decision record has `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.",
|
||||
"Decision record has `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.",
|
||||
"Decision record references Hermes model policy and local Hermes config as evidence sources without copying secrets.",
|
||||
"Record says `CTO-WORK-024` is resolved by selecting `external_provider_approved`.",
|
||||
"Record says `CTO-WORK-024` is resolved by selecting `local_provider_required`.",
|
||||
"Record keeps `CTO-WORK-020` blocked until admission JSON and real Stage 2 pass evidence exist.",
|
||||
"Record keeps `CTO-WORK-022` blocked because `decision_status=external_provider_approved`, not `local_provider_required`.",
|
||||
"Record requires fallback to `vllm` with `qwen3.6-35b-a3b` to be explicit in admission evidence before it may count as a Case provider/model path.",
|
||||
"Record keeps `CTO-WORK-022` blocked until explicit local provider config and real Case Stage 2 pass evidence exist.",
|
||||
"Record requires fallback to `openai-codex` with `gpt-5.5` to be explicit in admission evidence before it may count as a Case provider/model path.",
|
||||
]
|
||||
|
||||
REQUIRED_PROVIDER_DECISION_RECORD_PHRASES = [
|
||||
"Local planning SOT only. Not a Core Protocol. Not active Core authority.",
|
||||
"`decision_status`: `external_provider_approved`.",
|
||||
"`provider_class`: `external_openai_codex`.",
|
||||
"`provider`: `openai-codex`.",
|
||||
"`model`: `gpt-5.5`.",
|
||||
"`fallback_provider`: `vllm`.",
|
||||
"`fallback_model`: `qwen3.6-35b-a3b`.",
|
||||
"`decision_status`: `local_provider_required`.",
|
||||
"`provider_class`: `local_case_compatible`.",
|
||||
"`provider`: `qwen-local`.",
|
||||
"`model`: `qwen3.6-35b-a3b`.",
|
||||
"`fallback_provider`: `openai-codex`.",
|
||||
"`fallback_model`: `gpt-5.5`.",
|
||||
"`approval_source`: JP chat approval on 2026-05-31.",
|
||||
"`credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.",
|
||||
"`allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.",
|
||||
"`credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.",
|
||||
"`allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.",
|
||||
"`review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change.",
|
||||
"/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py",
|
||||
"/home/svrnty/.hermes/config.yaml",
|
||||
"`effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.",
|
||||
"`external_provider_approved` means JP approved the provider decision branch for the existing Hermes model stack: `openai-codex` with model `gpt-5.5` as primary, and `vllm` with model `qwen3.6-35b-a3b` as fallback.",
|
||||
"`local_provider_required` means JP approved the provider decision branch for the existing Hermes model stack: `qwen-local` with model `qwen3.6-35b-a3b` as primary, and `openai-codex` with model `gpt-5.5` as fallback.",
|
||||
"This record is not provider/model admission and is not Stage 2 pass evidence.",
|
||||
"`CTO-WORK-024` is resolved by this record selecting `external_provider_approved`.",
|
||||
"`CTO-WORK-024` is resolved by this record selecting `local_provider_required`.",
|
||||
"Previous state:",
|
||||
"`decision_status`: `not_decided`.",
|
||||
"`not_decided` means no provider/model may run.",
|
||||
"Only JP or a governed Core route may change this record away from `external_provider_approved`.",
|
||||
"Only JP or a governed Core route may change this record away from `local_provider_required`.",
|
||||
"Allowed future values remain `external_provider_approved` or `local_provider_required`.",
|
||||
"No secret value may appear in SOT, task file, argv, report, trace, backend logs, generated config, or commit.",
|
||||
"No Target Repository path may be inspected or copied.",
|
||||
"`CTO-WORK-020` remains provider/model admission authority.",
|
||||
"`CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains execution admission gate.",
|
||||
"`CTO-WORK-022` remains blocked because `decision_status=external_provider_approved`, not `local_provider_required`.",
|
||||
"`CTO-WORK-022` remains blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.",
|
||||
"Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.",
|
||||
"Fallback to `vllm` with `qwen3.6-35b-a3b` must be explicit in admission evidence before it may count as a Case provider/model path.",
|
||||
"Fallback to `openai-codex` with `gpt-5.5` must be explicit in admission evidence before it may count as a Case provider/model path.",
|
||||
"Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record.",
|
||||
]
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user